In web-based systems involving data entry, there is a problem in checking the validity of the data. The prior art provides three choices, each having disadvantageous consequences:    1. Check the data only at the client. This lets you be responsive to the user (you can display helpful messages in a timely way), but leaves your system open to bad data from entities that bypass your client and speak directly to your server.    2. Check the data only at the server. This ensures that the server does not accept bad data, no matter what client is used to send it, but is harder to use because it may take a while to display messages to the user when data is incorrectly entered.    3. Check the data at the client and at the server. This is responsive to the user and is safe from bad data, but requires a lot of engineering work because the data validation code has to be maintained on two platforms.